Which of the following is MOST important to the successful promotion of good security management practices?

• A.Security metrics
• B.Security baselines
• C.Management support
• D.Periodic training

Comment: *

Name: *

Email: *

Verification: *

What is the MOST appropriate change management procedure for the handling of emergency program changes?

• A.Formal documentation does not need to be completed before the change
• B.Business management approval must be obtained prior to the change
• C.Documentation is completed with approval soon after the change
• D.All changes must follow the same process

Comment: *

Name: *

Email: *

Verification: *

An information security program should focus on:

• A.best practices also in place at peer companies.
• B.solutions codified in international standards.
• C.key controls identified in risk assessments.
• D.continued process improvement.

Comment: *

Name: *

Email: *

Verification: *

Which of the following factors is MOST likely to increase the chances of a successful social engineering attack?

• A.Technical skills.
• B.Knowledge of internal procedures
• C.Potential financial gain
• D.Weak authentication for remote access

Comment: *

Name: *

Email: *

Verification: *

Which of the following would BEST enable an information security manager to identify the risk associated with cloud-based solutions?

• A.Reviewing third-party audits of cloud service providers
• B.Benchmarking with peer organizations using cloud solutions
• C.Reviewing vendor adherence to service level agreements (SLAs)
• D.Assessing the solutions against the organization's security policies

Comment: *

Name: *

Email: *

Verification: *